Bad bots provide the most traffic in Germany

B2B Cyber ​​Security ShortNews

Share post

In 2022, 68,6 percent of all internet traffic in Germany came from bots, a significant increase compared to the previous year (39,6 percent). In an analysis, Imperva examined the number of bots on the Internet over the past ten years. 

The 68,6 percent of bot traffic is offset by the proportion of traffic generated by human users at 25,2 percent, which is a rapid decrease compared to 2021 (57,4 percent). When it comes to the performance of the bots, Germany is exactly in line with the global average at 51,2 percent.

Malicious bots pose a significant risk to businesses: they compromise accounts, steal data, and increase spam. The consequences are higher infrastructure and support costs and the loss of users and customers. Collectively, billions of dollars are lost every year through automated attacks on companies' websites, infrastructure, APIs and apps.

Most bad bots in the financial industry

In Germany, the financial sector, consulting companies and the education sector stand out when it comes to the proportion of malicious bots. This is the highest at 88,7 percent, 76,4 percent and 76,1 percent respectively. On the other hand, the bad bots in these areas are only very sophisticated when it comes to consulting services (49,5 percent). In the financial sector, just under every tenth bot can be classified as highly developed, almost 60 percent are on a technically medium level and over 30 percent are only very rudimentary in their functionality. Also in education, only 8,5 percent are highly developed, while 43 percent are rudimentary.

The most sophisticated bots attack in retail

When it comes to news channels and news portals, the situation is similar: here the proportion of bad bots is over 75 percent; however, they can all only be classified as rudimentary – which, however, increases the likelihood of fake news. Conversely, the most highly developed and technologically advanced bots can be found in the retail sector at almost 52 percent. The proportion of bad bots is rather low here at 37 percent from the outset, compared to 21 percent of benevolent bots and 36 percent of traffic generated by human users.

In an international comparison, it can be said that the majority of countries have a bad bot problem. Of the 13 countries included in the study, seven had bad bot traffic rates above the global average of 30,2 percent. Germany is in first place with 68,6 percent, followed by Ireland with 45,1 percent and Singapore (43,1 percent). The USA is also above average at 32,1 percent.

Technical insights from the Imperva Bad Bot Report 2023

  • Bad bots are becoming increasingly sophisticated and difficult to spot: Across industries, 68,6 percent of all malicious bots in Germany are equipped with advanced technologies. Malicious, sophisticated bots are of particular concern: they closely mimic human behavior and are difficult, if not impossible, to detect as such. They randomly choose IPs, gain access through anonymous proxies, and customize their identities.
  • Account takeover attacks increased by 2022 percent in 155: Globally, 15 percent of all login attempts across all industries turned out to be account takeovers. Bad bots fill out registration forms and are used for brute force attacks. Users lose access to their own accounts and the bots can also view and steal the data stored in the accounts. Companies, in turn, face severe penalties because they do not comply with data protection requirements.
  • Identify business logic and use it for your own purposes: Bad bots target APIs to copy business logic. 17 percent of all attacks on APIs worldwide in the past year came from bots. A business logic attack exploits vulnerabilities in the design and implementation of an API or application to manipulate operations, steal sensitive data, or illegally gain access to accounts. In general, 35 percent of account takeover attacks in 2022 were carried out via an API. When APIs are called programmatically, attackers can automate their takeover attempts without being noticed.
  • Browser settings favor bad bots: One in five malicious bots was launched via the Mobile Safari browser in 2022; It was 16,1 percent in 2021. Certain browser privacy settings can obscure the behavior of malicious bots and make it difficult for companies to detect and stop automated traffic.
More at


About Imperva

Imperva is a leading provider of comprehensive digital security dedicated to helping organizations secure their data and all routes to it. Only Imperva protects all digital areas - from business logic to APIs and microservices to the data layer - and both vulnerable legacy systems and cloud-based companies. Imperva protects customers' applications, data and websites from cyber attacks worldwide.

Matching articles on the topic

Malicious site hopping

Recently, a new technique for bypassing security scanners has been increasingly used, namely “site hopping”. This technique is ➡ Read more

New Ransomware Group Money Message Discovered

Back in April of this year, a new ransomware group called “Money Message” became active. While the cyber criminals have so far remained under the radar ➡ Read more

Ward driving with artificial intelligence

AI tools are now used millions of times to research topics, write letters and create images. But also in the area ➡ Read more

LockBit publishes 43 GB of stolen Boeing data

Back in October, the APT group LockBit reported that Boeing's systems had been penetrated and a lot of data had been stolen ➡ Read more

Veeam ONE: Hotfix for critical vulnerabilities is available 

Veeam is informing its users about two critical and two medium vulnerabilities in Veeam One for which patches are already available. The ➡ Read more

Cyber ​​attack on German Energy Agency – dena

According to its own information, the German Energy Agency reported a cyber attack on the weekend of November 11th to 12th. The servers are ➡ Read more

LockBit: Stolen Shimano data probably published

According to LockBit, the Japanese bicycle parts manufacturer Shimano was the target of a ransomware attack and was apparently unwilling to pay a ransom ➡ Read more

IoT devices: threat from the dark web

IoT devices are a popular target for cybercriminals. On the Darknet, these attacks are offered as a service. In particular, services for DDoS attacks ➡ Read more